Hi Jochen Many thanks for coming back to me, ive attached a screen shot of the putty interface tracking the data coming into the Ubuntu box, and the web interface GELF input.
Also below is the NXLOG configuration. Thanks again for help very much appreciated Phil ## This is a sample configuration file. See the nxlog reference manual about the ## configuration options. It should be installed locally and is also available ## online at http://nxlog.org/docs/ ## Please set the ROOT to the folder your nxlog was installed into, ## otherwise it will not start. #define ROOT C:\Program Files\nxlog define ROOT C:\Program Files (x86)\nxlog Moduledir %ROOT%\modules CacheDir %ROOT%\data Pidfile %ROOT%\data\nxlog.pid SpoolDir %ROOT%\data LogFile %ROOT%\data\nxlog.log <Extension _syslog> Module xm_syslog </Extension> <Input in> Module im_msvistalog # For windows 2003 and earlier use the following: # Module im_mseventlog </Input> <Output out> Module om_udp Host 192.168.10.17 Port 12201 Exec to_syslog_snare(); </Output> <Route 1> Path in => out </Route> On Tuesday, January 5, 2016 at 10:30:51 AM UTC, Jochen Schalanda wrote: > > Hi Phil, > > please post your configuration of nxlog and the configuration of the GELF > Input in Graylog (Web interface: System -> Inputs). > > > Cheers, > Jochen > > On Tuesday, 5 January 2016 10:43:49 UTC+1, Phil Bailey wrote: >> >> Morning All >> >> Was wondering if somebody could help me, i have a bit of an issue with >> Graylog2 and GELF windows logs. >> >> I have setup a GELF input and from what i can see the logs are being >> received from a Server 2012 domain controller via NXLOG, their are no >> errors on the server in the logs. >> >> on my Graylog2 server i have 204MiB or date received, but i cant see any >> event logs anywhere and i have nothing in the sources tab of servers. >> >> I have googled and come across post on here about a option that needs >> enabling but the link is dead that explains it. >> >> Can anyone please please help, im out of ideas and have reinstalled this >> twice now. >> >> Any help massively appreciated. >> >> Thanks Guys >> > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/18f65e46-7be8-4d3c-b385-0984e77e93d7%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
